<?php
include('header.php');
/**
 * User not an administrator, redirect to Home page
 * automatically.
 */
if(!$session->isAdmin()){
   header("Location: ../index.php");
}
else{?>
    <div id="content">
        <div id="title">
        <h2>Search Users</h2> 
        <p>Choose an option to search for.</p>
        </div>
        <form id="searchform" name="search" method="post" action="searchUsers.php?go">
                <p align="center">Search for 
                <select name="field">
                    <option value="username">Username</option>
                    <option value="firstName">First Name</option>
                    <option value="lastName">Last Name</option>
                    <option value="email">Email</option>
                </select>: <input style="width:400px;" type="text" name="searchTerm" /><input type="submit" name="submit" value="Search" /></p>
        </form>
        <?php 
    if(isset($_POST['submit'])){
        if(isset($_GET['go'])){
            $searchTerm = $_POST['searchTerm'];
            $field = $_POST['field'];
            //connect to the database
            $result = mysql_query("SELECT * FROM users WHERE $field LIKE '%$searchTerm%'");
            $total_results = mysql_num_rows($result);
            // Error checking result
            if(!$result || ($total_results < 0)){
                echo "<p>Error displaying info</p>
                    </div>";
                include('footer.php');
                return;
            }
            if($total_results == 0){
                echo "<p>There are no result</p>
                    </div>";
                include('footer.php');
                return;
            }
            else { 
                // display the result in a table
                echo "<b>Result for: </b>$searchTerm
                    <div style='overflow:auto; height:85%'><table border='1' cellpadding='2' cellspacing='0'>
                    <tr><th width='200px'>Username</th> <th width='150px'>First Name</th> <th width='150px'>Last Name</th> <th width='300px'>Email</th></tr>";
                // loop through results of database query, displaying them in the table 
                for ($i = 0; $i < $total_results; $i++){
                    // make sure that PHP doesn't try to show results that don't exist
                    if ($i == $total_results) { break; }	
                    // echo out the contents of each row into a table
                    $uname = mysql_result($result, $i, 'username');
                    $first = mysql_result($result, $i, 'firstName');
                    $last = mysql_result($result, $i, 'lastName');
                    $email = mysql_result($result, $i, 'email');
                    echo "<tr><td><a href='../userinfo.php?user=$uname'>$uname</a></td> <td>$first</td> <td>$last</td> <td>$email</td></tr>";
                }
                // close table>
                echo "</table>"; 	
                // pagination 
            }
        }
    }?>
    </div>
<?php }
include('footer.php'); ?>